Sunday, December 17, 2006

xmldap as a plugin to perpetual motion

Kevin Miller's new Firefox plugin wraps the native Windows CardSpace identity selector, and in the process provides a great card parsing implementation. Since Kevin was kind enough to implement a plugin framework, I figured I'd take advantage and added plugin support to the xmldap selector.

If you pick up the latest version of the plugin (requires Java 1.5 on your system) you will now find a new Identity Selector option in your preferences. If you have both Kevin and my extension installed, and you're on Windows, you can now flip back and forth between the CardSpace selector, and the xmldap selector at will.




The great news is that people implementing selectors will no longer need to worry about augmenting the browser. Now hopefully we can all quickly agree on a preferences structure to allow any implementation to easily add itself to the list.

If you're interested in writing you're own plugin, it's pretty simple...here's the basics of an XPCOM component that implements the plugin interface:

http://openinfocard.googlecode.com/svn/trunk/firefox/components/Identityselector.js

have fun!

9 comments:

Craig Condit said...

I've been working on adding CardSpace login support to my blog, and ran into what I believe is a bug in your Firefox identity selector. My code was successfully parsing Windows CardSpace-generated tokens successfully, but not xmldap tokens. I eventually traced this down to a discrepancy in the AttributeNamespace values used. Microsoft uses "http://schemas.microsoft.com/ws/2005/05/identity/claims" for every claim, while the xmldap selector uses "http://schemas.microsoft.com/ws/2005/05/identity/claims/<property>".

Is this something that can be changed easily?

cmort said...

Hi Craig...

The schema URIs you posted look the same...?

In either case, neither should be parsing for those. They both should be looking for:

http://schemas.xmlsoap.org/ws/2005/05/identity

Craig Condit said...

Ah, I knew I should have previewed... the form is cutting it off.

Schema URLs are the same, but for the endings:

MS: identity/claims
XMLDAP: identity/claims/claim-name

I'm parsing the schemas to allow for easy user-defined claims later.

cmort said...

I see...could be a bug - I'll put in on the list of things to investigate.

thanks!

Max said...

Unfortunately I can't use xmldap extension as identity selector. I have exception:
java.security.PrivilegedActionException: java.security.PrivilegedActionException:
java.lang.reflect.InvocationTargetException: null
caused by java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException: null
caused by java.lang.reflect.InvocationTargetException: null
caused by java.lang.ClassCastException: org.json.JSONObject$Null: org.json.JSONObject$Null

But Kevin's plugin works properly.
java version "1.5.0_10"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_10-b03)
Java HotSpot(TM) Client VM (build 1.5.0_10-b03, mixed mode, sharing)

cmort said...

Thanks Max...we'll take a look as soon as some free time appears.

Craig Condit said...

Another bug report for you...

It appears the xmldap.org extension ignores the action of the containing form and submits the xmlToken to the page's URL instead. This happens when the extension is used directly, but not in conjunction with the perpetual-motion extension.

Unfortunately, I am unable to use the perpetual-motion extension on linux due to other unrelated issues.

I have verified this issue on Windows, Mac, and Linux so it doesn't appear to be platform related.

I know I probably sound like I'm complaining a lot, but I really appreciate all the hard work you have put into this. The code on your site was very helpful in wrapping my head around how all of this is supposed to work.

Colin! said...

Hey Chuck!

Is the Java identity selector available for download anywhere? xmldap.org seems to be down.

Thanks!
Colin

cmort said...

That's not good - I'll go look at why it's down and bring it back online.

thanks